This, as it sounds, is very bad. And while the larger ramifications of the breach, announced two weeks ago, are as of yet not fully understood, Facebook claims it has a decent grasp on one important detail: Whether or not you are one of the victims.
Here’s how to check: First, while logged into your Facebook account, head on over to the Help Center and scroll to the bottom of the page. You’ll see one of several detailed notices.
For starters, if you’re likely in the clear you’ll find this message: “Based on what we’ve learned so far, your Facebook account has not been impacted by this security incident. If we find more Facebook accounts were impacted, we will reset their access tokens and notify those accounts.”
Now, if your account was accessed, you’ll see a very different warning. Specifically, Facebook will tell you what info of yours it believes was scraped. If you’re on mobile, it may look like the examples the company provided on its blog.
New York Times reporter Mike Isaac tweeted screenshots from his own account, which show that all kinds of personal data — including his address, phone number, and date of birth (among other things) — were scraped by whoever is behind this.
So, if Facebook says your “account has not been impacted,” are you in the clear? Probably! Well, that is, unless Facebook finds out later that you aren’t.
After all, the company based these notices on what it’s “learned so far.” It’s fair to wonder what new information the executives at Facebook will learn tomorrow.